Last Updated: December 16, 2022
BioDuro LLC (“BioDuro-Sundia,” “we,” “our,” and “us”) is committed to protecting individual privacy and maintaining trust with our business clients (“Clients”), and others who use or interact with our website (collectively, “End Users”). This Privacy Policy (“Policy”) describes how we collect and use Personal Information (defined below) across our website – www.bioduro-sundia.com (the “Site”), and as part of our services (“Services”). This Policy does not apply to Personal Information we collect offline, or to our collection of applicant and employee Personal Information, all of which may be governed by separate privacy policies.
Note that if you are a participant in a clinical study managed by one of our Clients we do not receive your Personal Information from our Client. Therefore, if you have questions or requests regarding your Personal Information you should direct these to the Client in whose study you are participating.
1. Information We Collect
2. How We Use Information
3. How We Disclose Information
4. Our Use of Cookies
5. Do Not Track
6. Information Regarding Children
7. Your Privacy Rights
8. Legal Disclaimers
9. Links
10.Updates to This Policy
11.Contact Us
12.Additional Information for California Residents
13.Additional Information for Individuals Located in the European Economic Area (EEA) and United Kingdom (UK)
We collect information that identifies, describes, or is reasonably capable of being associated with an individual (“Personal Information”). Personal Information does not include publicly available information from government records, deidentified information, or aggregated information. We collect and use different types of Personal Information for various reasons depending on how End Users interact with us and use our Site or Services. The following describes the types of Personal Information we collect.
We may collect Personal Information directly from End Users who interact with our Site. The Personal Information we collect through our Site includes:
Contact Information. We collect information such as End Users’ first and last name, email, phone number, fax number, employer, city, country, referral source, and areas of interest.
Message Contents. If an End User sends us messages through our Site of via email, we also collect message contents, including responses to open ended or multiple-choice questions, and any other information End Users may choose to provide.
We may automatically collect the following Personal Information from or about End Users who visit our Site:
Device Identifiers. When an End Users visit our Site, we may automatically collect information such as IP address, unique device identifiers, operating system, and other information related to the device used to interact with our Clients via the BioDuro-Sundia Platform.
Network and Activity Information. We may collect information related to how End Users interact with our Site, such as referring and exit web pages and URLs, browsing history, and other similar information. As described below in the “Our Use of Cookies” section, we may use analytics providers and technologies, including cookies and similar tools, to collect this information.
To the extent permitted by applicable law, we may combine this information with other information we collect, including End Users’ Personal Information.
We may use the Personal Information we collect for the following purposes:
Operate Our Business. We use Personal Information we collect via the Site to communicate with End Users, send newsletters, respond to inquiries regarding our Services, and to otherwise run our day-to-day operations. When we collect Personal Information from End Users as part of their use of our Services, we use the Personal Information to ensure our development and manufacturing operations align with Client expectations and requests.
Conduct Surveys. We use Personal Information we collect to conduct surveys, such as customer satisfaction surveys and market surveys.
Augment Existing Information. We may use Personal Information to obtain additional information from our vendors or other third parties.
Evaluate and Improve Our Site and Services. We may use the Personal Information we collect to evaluate and improve our Site and improve how we communicate regarding our Services.
Security Purposes. We may use Personal Information to mitigate fraud and protect BioDuro-Sundia.
Legal Requirements. We may use Personal Information to comply with lawful court orders, law enforcement requests, or other legal requirements.
Other Operational Purposes. We may use Personal Information for purposes not provided for in this Policy, but if we do, we will notify the End User (and, if necessary, obtain consent) before using the Personal Information in that way.
We may disclose End Users’ Personal Information with the following parties:
Service Providers. We disclose information we collect from End Users to service providers, vendors, contractors, or agents who perform functions on our behalf. This includes entities that host the BioDuro-Sundia Site, provide marketing and direct mailing services on our behalf, assist with our research, development, and manufacturing activities on our Clients’ behalf, and assist us in performing other duties necessary to delivering our Site and Services.
Client and Business Partners. We disclose information we collect to our Clients and business partners as necessary to deliver our Services.
Affiliates. We disclose the information we collect to our affiliates or subsidiaries.
We also may disclose End User Personal Information in the following circumstances:
At an End User’s Request. We may disclose information to others when requested, explicitly or implicitly, by an End User.
Business Transfers. If (i) we or our affiliates are or may be acquired by, merged with, or invested in by another company, or (ii) if any of our shares or assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected from End Users to the other company. As part of the business transfer process, we may share certain Personal Information with lenders, auditors, and advisors, including attorneys and consultants.
In Response to Legal Process. We disclose Personal Information to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
To Protect Us and Others. We disclose Personal Information when we believe it is appropriate to do so to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our terms of use or this Policy, or as evidence in litigation in which we are involved.
With an End User’s Permission. We may disclose Personal Information in ways not described above. If we do so, we will notify End Users, and if necessary, obtain consent.
We use cookies, tags, and similar tracking technologies (“Cookies”) on our Site to provide, customize, evaluate, and improve our services. A Cookie is a small piece of text that is placed on your device’s browser when you visit a website. These include our own first-party Cookies as well as third-party Cookies of our service providers and partners. Some Cookies are only stored temporarily and are destroyed each time you close your web browser. We also use persistent Cookies, which do not delete when you close your browser and may collect and store data for a set period of time after leaving our platform.
How We Use Cookies
We use Cookies for the following purposes:
Performance and Analytics. Cookies help us analyze how you interact with our Clients via the Site. These Cookies enable us to monitor and improve our Site’s performance, our Services, and End User experiences.
How to Manage Cookies
If you wish to prevent cookies from tracking your activity on our Sites or visits across multiple websites, you can set your browser to block certain cookies or notify you when a cookie is set; you can also delete cookies. The “Help” portion of the toolbar on most browsers will tell you how to prevent your device from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to delete cookies. Visitors to our Sites who disable cookies will be able to browse the Sites, but some features may not function.
You can also control how participating third-party ad companies use the information that they collect about your visits to our websites and use of our mobile applications, and those of third parties, in order to display more relevant targeted advertising to you. If you are in the U.S., you can obtain more information and opt out of receiving targeted ads from participating third-party ad networks at aboutads.info/choices (Digital Advertising Alliance).
You may also download the DAA AppChoices tool in order to help control interest-based advertising on apps on your mobile device:https://youradchoices.com/appchoices
We are not responsible for the completeness, effectiveness, or accuracy of any third-party opt-out options or programs.
Some web browsers and mobile operating systems offer a “Do Not Track” setting you can activate to signal your preference not to have data about your online browsing activities monitored and collected. Currently, Site does not recognize “Do-Not-Track” requests.
We do not knowingly collect Personal Information from End Users under the age of thirteen (13) without parental consent. If we become aware that we have collected information from a child under 13 years old without parental consent, we will delete such information from our records. If you are a parent or legal guardian and believe your child has given us information and you did not provide consent, please contact using the information provided in the “Contact Us” section below.
Depending on where you are located, End Users may have certain rights regarding their Personal Information. Please note these rights are generally exercisable against BioDuro-Sundia’s Clients and not against BioDuro-Sundia because BioDuro-Sundia is acting as a service provider to our Clients.
End Users who have questions or concerns about the data handling practices of our Clients or who wish to exercise privacy rights should contact the relevant Client directly. Where necessary, BioDuro-Sundia will assist our Clients with an exercise of a privacy right by an End User.
Where BioDuro-Sundia collects End User Personal Information for its own purposes, End Users may have the right to request the following:
Request Access. The right to request access to, and a copy of, Personal Information we have collected. This may also include the right to know the categories of Personal Information collected, the sources from which we have collected Personal Information, our business purposes, and the categories of third-parties to whom we have disclosed Personal Information.
Right to Correct. The right to request we correct inaccurate Personal Information.
Right to Delete. Subject to certain conditions and exceptions, the right to request we delete Personal Information.
Right to Opt-Out. The right to opt-out of our use of Personal Information for marketing and advertising purposes.
If you would like to exercise your privacy rights, please contact us as described below.
Verification. Before we comply with your request, we may need to verify your identity. Please provide us with your name, the email address with which you have communicated with us in the past, and, if applicable, the name of the Client of vendor on whose behalf you interacted with us. In some cases, we may need to request additional information to verify your identity. If we cannot verify your identity after a good faith attempt, we may deny your request and will explain the basis for the denial.
Nothing in this Policy restricts our ability to:
Comply with federal, state, or local laws;
Comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities;
Cooperate with law enforcement agencies concerning conduct or activity that we reasonably and in good faith believe may violate federal, state, or local law;
Exercise or defend legal claims;
Detect security incidents and protect against fraudulent or illegal activity and prosecute those responsible for such activity;
Transfer Personal Information as part of a merger or acquisition, dissolution, bankruptcy, or any other transaction in which a third party assumes control of all or part of our business.
Our Site may contain links to unaffiliated websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those websites. We are not responsible for the information practices of such websites.
This Policy is current as of the last updated date given above. We may change this Policy from time to time, so please be sure to check back periodically. Where we make changes to this Policy that materially impact the use of Personal Information we will attempt to notify End Users, such as via email or by placing a notice on our homepage.
If you have questions about this Policy, our internal data handling practices, or would like to make a complaint, please contact us at:
Email: info@bioduro-sundia.com
This section of our Policy provides additional information about how we handle Personal Information of California residents, as required under the California Consumer Privacy Act 2018, as amended by the California Privacy Rights Act 2020 (the “CCPA”). In general, this section applies to employees of our Clients and vendors who reside in California as well as any visitors to our Site from California.
Categories of Data We Collect, Disclose, and Sell
| Categories of Personal Information | Categories of Sources | Do we disclose for a business purpose(s)? | Do we “sell” or “share”? |
| Name, Contact Information, and Other Identifiers: Identifiers such as a real name, address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address |
From you directly. From your employer. |
YES | NO |
| Usage Data: Internet or other electronic network activity information, including, but not limited to, browsing history, clickstream data, search history, |
From you directly. |
YES | NO |
| and information regarding a resident’s interaction with an internet website, application, or advertisement. |
How We Use Personal Information
When we collect Personal Information from Client and vendor personnel, we use that Personal Information for the following business or commercial purposes (and any directly related purposes):
for billing, collections, and payment purposes;
for security and safety when you visit our facilities;
to manage our technology resources (e.g., cyber-risk management, infrastructure management and business continuity);
to detect and prevent fraud;
to protect and defend our rights or property, or the rights and property of others;
to perform corporate governance, training, and other internal functions;
for archiving and record-keeping;
in the event of corporate transactions such as a financing, merger, acquisition, takeover, amalgamation or other disposal of assets or interests;
to investigate, enforce, and apply this Policy and to otherwise protect our own rights and interests, such as to resolve any disputes or to respond to legal process;
to comply with the law, when certain information is necessary to satisfy our legal or regulatory obligations and to respond to lawful requests, court orders, and legal process.
For our Clients, we process this Personal Information for the following additional purposes:
to provide you our Services, process your transactions, and fulfill your orders.
to maintain your account and otherwise run our day-to-day operations.
to conduct business with you, including to perform our contractual obligations to your employer or principal;
to provide you and your employer with marketing materials about products, services, news, offers, promotions and events which we think may be of interest to you;
to communicate with you and your employer, including to fulfill requests and orders, answer questions and other requests from you, provide customer support, and communicate with you and your employer about business opportunities;
to operate and expand our business activities and evaluate, develop, and improve the quality of our products and services;
For our vendors, we process this Personal Information for the following additional purposes:
to manage our contracts with your employer or principal and receive products or services;
to ensure we are receiving products or services appropriately and on terms most beneficial to us;
for vendor management purposes, including vendor risk management;
Retention Of Personal Information
We retain the Personal Information we collect only as reasonably necessary for the purposes described in this Policy, or otherwise disclosed to you at the time of collection. For example, we will retain certain identifiers for as long as it is necessary to comply with our accounting and recordkeeping obligations, to provide our Clients with Services, and for research, development, and safety purposes, plus an additional period of time as necessary to protect, defend, or establish our rights, defend against potential claims, and to comply with our legal obligations.
Deidentification Of Personal Information
Occasionally, we may deidentify Personal Information and use the deidentified information for our internal purposes. We commit to maintaining and using this information in deidentified form and will not attempt to reidentify the information except to determine whether our deidentification process is effective.
Additional Rights Regarding Personal Information
The CCPA provides California residents with specific rights regarding Personal Information. In addition to the rights listed above under Your Privacy Rights, California residents may have the following rights:
Right to Opt-Out of Sale/Sharing of Personal Information. We do not currently engage in any activities that would be considered “selling” or “sharing” Personal Information under the CCPA. Therefore, there is no need to exercise this right.
Right to Limit the Use and Disclosure of Sensitive Personal Information.We do not collect any sensitive Personal Information and therefore do not engage in uses of this type of information that would trigger this right under the CCPA.
Right to Non-Discrimination.We will not discriminate against you in terms of price or service level for exercising any rights described in this Policy.
You may exercise your rights by contacting us at info@bioduro-sundia.com
This section of our Policy provides additional information about how we handle Personal Information of individuals located in the EEA or UK. In general, this section applies to employees of our Clients and vendors who are located in the EEA or UK, as well as any visitors to our Site from the EEA or UK.
Legal Bases for Processing
We rely on one of several different legal bases to process your Personal Information, as follows:
Right to Opt-Out of Sale/Sharing of Personal Information. We do not currently engage in any activities that would be considered “selling” or “sharing” Personal Information under the CCPA. Therefore, there is no need to exercise this right.
Right to Limit the Use and Disclosure of Sensitive Personal Information.We do not collect any sensitive Personal Information and therefore do not engage in uses of this type of information that would trigger this right under the CCPA.
Necessary for Performance of a Contract.We use Personal Information to take steps necessary to perform our obligations with our Clients, or to ensure our vendors perform their obligations to us. For our Legitimate Interests.We use Personal Information to further our legitimate interests in protecting the security and safety of our personnel, our Clients and vendors, and their personnel. This may include, for example, taking steps to prevent fraud, misuse, or utilization of our Services for illegal purposes. We take necessary steps to safeguard Personal Information when we rely on this legal basis. Based on Compliance with EEA/UK Law.We use Personal Information to comply with legal obligations to which we are subject. Based on Consent.Where we have obtained it, we use Personal Information with End Users’ consent. For example, we may use Personal Information to send marketing communications or newsletters based on consent. End Users are entitled to withdraw their consent at any time.
Additional Rights Regarding Personal Information
EEA and UK law provides individuals located in those regions with specific rights regarding Personal Information. In addition to the rights listed above under Your Privacy Rights, you may have the following rights:
Right to Restrict Use of Personal Information.The right to restrict our use of Personal Information where (i) you contest the accuracy of the Personal Information; (ii) the use is unlawful, but you do not want us to erase the Personal Information; (iii) we no longer need the Personal Information for the relevant purposes, but you require it for the establishment, exercise, or defense of legal claims; or (iv) you have objected to our Personal Information use justified on where we need to process the Personal Information for the establishment, exercise or defense of legal claims.
Right to Lodge a Complaint.You have the right to lodge a complain with a supervisory authority in your country of residence if you believe our use of Personal Information infringes this Policy or applicable law.
You may exercise your rights by contacting us at info@bioduro-sundia.com
Transfer of Personal Data
We transfer your personal data to the United States. When transferring personal data to entities located in a country outside the EEA or UK that is not deemed to have an adequate level of data protection, we take measures to provide adequate protection for your personal data. We enter into data processing agreements and data transfer agreements that include standard contractual clauses approved by the European Commission or the UK Information Commissioner’s Office. Where required, we conduct transfer risk assessments and put in place supplementary measures to protect any personal data we transfer outside the EEA or UK to countries that do not have an adequate level of data protection.
If you are based in China, please refer to the Privacy Policy in Chinese.
